Hey there @Insighting welcome back!
Setting cookies to HttpOnly would prevent JavaScript from reading the value. If you are building a SPA application for example, JS must have access to these values.
If this is a requirement for your application you may need to move your authentication to a backend which would allow for the use of HttpOnly cookies and sessions as needed.
Hope this helps!